Ken Walling's blog

Microsoft Security Advisory (2934088) Vulnerability in Internet Explorer Could Allow Remote Code Execution

Feb
27

Microsoft has issued a security advisory for a zero-day exploit which was first identified in January and recently used in attacks against users of the US Veterans of Foreign Wars official site, as well as a decoy site for the French aerospace association GIFAS.

Posted By Ken Walling

Apple Releases Critical Patches For iOS and Mac Software To Fix SSL Implementation

Feb
25

Apple released major critical updates to iOS and Mac OS X software, fixing issues with their implementation of SSL (Secure Sockets Layer) which could lead to MITM (Man-In-The-Middle) attacks against their users. Updates can be easily applied in the normal way through "Software Update" or can be manually downloaded.

iOS update released 21 February, 2014:
http://support.apple.com/kb/HT6147?viewlocale=en_US&locale=en_US

Posted By Ken Walling

Adobe Flash Zero-Day Exploit Drops PlugX Remote Access Tool

Feb
21

Adobe has released a patch outside their normal patch release cycle to address three critical vulnerabilities in their Flash Player software, including a vulnerability being used by a zero-day exploit which drops PlugX, a remote access tool which can be used by an attacker to maintain covert access to a victim's compromised system. Update APSB14-07 should be applied as soon as possible to Windows and Linux systems that have Adobe Flash Player installed.

Posted By Ken Walling

One Malware Scanner is not Enough

Feb
15

I decided to put up a quick post for folks who might not be up to date on the malware (malicious software) arms race. This isn't really anything new - but some of you may not be familiar with the reality of getting virus programs, and other malware, off of your computers.

Posted By Ken Walling

CIO Brief: Cyber Attack Destroys Data on 32K Computers in South Korea

Mar
25

Approximately 32,000 financial and media industry computers were infected by an attack in South Korea last Wednesday. Originally, it was thought that the IP address of origin was Chinese. But according to a BBC report, the IP address was configured on a server at the Nonghyup Bank, which was one of the banks hit in the attack. In other words, the attack seems to have come from within. Another thing to consider is this: the attacks were very successful at destroying data and bringing down systems.

Posted By Ken Walling

Customers Can't Trust Vendors to Act Responsibly

Mar
21

A back door has been discovered in the TP-Link TL-WDR4300 dual-band WiFi router. This is a popular SOHO-class router with a major problem that the vendor seems to be ignoring. Sekurak, a Polish security group, reportedly reached out to TP-Link several times (out of a professional courtesy that shows a responsible blend of full disclosure and caution), but received no reply.

Posted By Ken Walling

23 FEB 13 Cyber-Warfare and China

Feb
23

Chinese Army Unit Is Seen as Tied to Hacking Against U.S.

NYTimes Article of interest: http://www.nytimes.com/2013/02/19/technology/chinas-army-is-seen-as-tied...

Posted By Ken Walling

Linux Firewall Presentation at SIG

Feb
23

CyberCede will be hosting a presentation on setting up a basic host-based firewall on a Debian-based Linux server with Netfilter and iptables on the 23rd of February, 2013, at 1PM EST. The presentation will be given at the hacker/maker space in Syracuse.

Check out the Meetup page for more details: http://www.meetup.com/Syracuse-Innovators/

Posted By Ken Walling